package org.apache.karaf.jaas.modules.publickey;

import java.io.ByteArrayOutputStream;
import java.io.DataOutputStream;
import java.io.File;
import java.io.IOException;
import java.math.BigInteger;
import java.security.PublicKey;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.RSAKey;
import java.security.interfaces.RSAPublicKey;
import java.util.HashSet;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import org.apache.felix.utils.properties.Properties;
import org.apache.karaf.jaas.boot.principal.GroupPrincipal;
import org.apache.karaf.jaas.boot.principal.RolePrincipal;
import org.apache.karaf.jaas.boot.principal.UserPrincipal;
import org.apache.karaf.jaas.modules.AbstractKarafLoginModule;
import org.apache.karaf.jaas.modules.BackingEngine;
import org.apache.karaf.jaas.modules.encryption.BasicEncryption;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/karaf/jaas/modules/publickey/PublickeyLoginModule.class */
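/**
 * JAAS login module that authenticates a user by comparing the public key supplied through a
 * {@link PublickeyCallback} with the key stored for that user in a properties file.
 *
 * <p>As read by {@link #login()}, a user entry is a comma-separated value whose first token is
 * the base64 encoded key and whose remaining tokens are role names or group references (tokens
 * starting with {@link BackingEngine#GROUP_PREFIX}). A group reference is resolved against the
 * same file; the first token of a group entry is skipped and the rest are added as roles.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>This module only checks that the presented key equals the stored one. It does not verify
 *       possession of the matching private key; presumably the layer that answers the callback
 *       has already done so. Confirm this against the caller.</li>
 *   <li>Only DSA and RSA keys are encoded. No minimum key size is enforced here.</li>
 *   <li>The users file grants roles, so its location and write permissions need to be controlled
 *       as tightly as any other credential store.</li>
 * </ul>
 */
public class PublickeyLoginModule extends AbstractKarafLoginModule {
    private final Logger LOG = LoggerFactory.getLogger(PublickeyLoginModule.class);
    /** Name of the module option that holds the path of the users file. */
    private static final String USERS_FILE = "users";
    /** Generic failure text used whenever detailed login exceptions are disabled. */
    private static final String LOGIN_FAILED = "login failed";
    private String usersFile;

    /**
     * Stores the users file location taken from the module options.
     *
     * @param subject the subject being authenticated
     * @param callbackHandler handler used to obtain the user name and public key
     * @param map shared state (not used by this module)
     * @param map2 module options; the {@code users} entry is the path of the users file
     */
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        super.initialize(subject, callbackHandler, map2);
        // A missing option becomes the literal string "null", exactly as before; login() then
        // works against a file of that name rather than failing here.
        this.usersFile = ((String) map2.get(USERS_FILE)) + "";
        if (this.debug) {
            this.LOG.debug("Initialized debug=" + this.debug + " usersFile=" + this.usersFile);
        }
    }

    /**
     * Authenticates the user whose name and public key are obtained from the callback handler.
     *
     * @return {@code true} when the presented key matches the stored key
     * @throws FailedLoginException if the name or key is missing, the user is unknown, the key
     *     type is unsupported or the key does not match
     * @throws LoginException if the users file cannot be loaded or the callbacks fail
     */
    public boolean login() throws LoginException {
        File file = new File(this.usersFile);
        Properties properties;
        try {
            properties = new Properties(file);
        } catch (IOException e) {
            throw withCause(new LoginException("Unable to load user properties file " + file), e);
        }
        try {
            // Typed locals instead of a NameCallback[] that also held the key callback: the
            // handler takes a Callback[] and no downcast is needed afterwards.
            NameCallback nameCallback = new NameCallback("Username: ");
            PublickeyCallback keyCallback = new PublickeyCallback();
            try {
                this.callbackHandler.handle(
                        new javax.security.auth.callback.Callback[] {nameCallback, keyCallback});
            } catch (IOException e) {
                throw withCause(new LoginException(e.getMessage()), e);
            } catch (UnsupportedCallbackException e) {
                throw withCause(
                        new LoginException(e.getMessage() + " not available to obtain information from user"), e);
            }

            String name = nameCallback.getName();
            if (name == null) {
                throw new FailedLoginException("Unable to retrieve user name");
            }
            PublicKey publicKey = keyCallback.getPublicKey();
            if (publicKey == null) {
                throw new FailedLoginException("Unable to retrieve public key");
            }
            // Group definitions live in the same file under prefixed keys. A supplied name that
            // carries the prefix must never be resolved as a user account.
            if (name.startsWith(BackingEngine.GROUP_PREFIX)) {
                throw new FailedLoginException(LOGIN_FAILED);
            }

            String entry = null;
            try {
                entry = (String) properties.get(name);
            } catch (NullPointerException ignored) {
                // Kept from the original: a lookup failure is handled as "user not found" below.
            }
            if (entry == null) {
                // The detailed message reveals which user names exist; keep the option off
                // wherever user enumeration is a concern.
                if (this.detailedLoginExcepion) {
                    throw new FailedLoginException("User " + name + " does not exist");
                }
                throw new FailedLoginException(LOGIN_FAILED);
            }

            String[] split = entry.split(",");
            if (!getString(publicKey).equals(split[0])) {
                if (this.detailedLoginExcepion) {
                    throw new FailedLoginException("Public key for " + name + " does not match");
                }
                throw new FailedLoginException(LOGIN_FAILED);
            }

            // Principals are only populated once the key has matched.
            this.principals = new HashSet<>();
            this.principals.add(new UserPrincipal(name));
            for (int i = 1; i < split.length; i++) {
                String token = split[i].trim();
                if (token.startsWith(BackingEngine.GROUP_PREFIX)) {
                    this.principals.add(new GroupPrincipal(token.substring(BackingEngine.GROUP_PREFIX.length())));
                    String groupEntry = (String) properties.get(token);
                    if (groupEntry != null) {
                        String[] groupTokens = groupEntry.split(",");
                        // Index 0 of a group entry is skipped, as in the original.
                        for (int j = 1; j < groupTokens.length; j++) {
                            this.principals.add(new RolePrincipal(groupTokens[j].trim()));
                        }
                    }
                } else {
                    this.principals.add(new RolePrincipal(token));
                }
            }

            if (this.debug) {
                // name comes from the callback and is not sanitised; log viewers should not
                // trust line structure in this message.
                this.LOG.debug("Successfully logged in " + name);
            }
            return true;
        } finally {
            // Drop the in-memory copy of the users file on every exit path, not only on success.
            properties.clear();
        }
    }

    /**
     * Attaches {@code cause} to a freshly created login exception so the underlying failure is
     * not lost ({@link LoginException} has no constructor that takes a cause).
     */
    private static LoginException withCause(LoginException exception, Throwable cause) {
        exception.initCause(cause);
        return exception;
    }

    /**
     * Encodes a public key as base64 over a length-prefixed blob: the key type name followed by
     * the key parameters, which matches the SSH public-key blob layout for these two key types.
     *
     * @param publicKey the key to encode; DSA and RSA public keys are supported
     * @return the base64 text compared against the first token of the user entry
     * @throws FailedLoginException if the key type is unsupported or encoding fails
     */
    private String getString(PublicKey publicKey) throws FailedLoginException {
        try {
            ByteArrayOutputStream buffer = new ByteArrayOutputStream();
            try (DataOutputStream out = new DataOutputStream(buffer)) {
                if (publicKey instanceof DSAPublicKey) {
                    DSAPublicKey dsaKey = (DSAPublicKey) publicKey;
                    write(out, "ssh-dss");
                    write(out, dsaKey.getParams().getP());
                    write(out, dsaKey.getParams().getQ());
                    write(out, dsaKey.getParams().getG());
                    write(out, dsaKey.getY());
                } else if (publicKey instanceof RSAPublicKey) {
                    // The original tested for RSAKey and then cast to RSAPublicKey, so an RSAKey
                    // that is not an RSAPublicKey escaped as a ClassCastException instead of a
                    // failed login. Test for the type that is actually used.
                    RSAPublicKey rsaKey = (RSAPublicKey) publicKey;
                    write(out, "ssh-rsa");
                    write(out, rsaKey.getPublicExponent());
                    write(out, rsaKey.getModulus());
                } else {
                    throw new FailedLoginException("Unsupported key type " + publicKey.getClass().toString());
                }
            }
            return BasicEncryption.base64Encode(buffer.toByteArray());
        } catch (IOException e) {
            throw new FailedLoginException("Unable to check public key");
        }
    }

    /** Writes the two's-complement big-endian bytes of {@code bigInteger}, prefixed by their length. */
    private void write(DataOutputStream dataOutputStream, BigInteger bigInteger) throws IOException {
        byte[] byteArray = bigInteger.toByteArray();
        dataOutputStream.writeInt(byteArray.length);
        dataOutputStream.write(byteArray, 0, byteArray.length);
    }

    /** Writes {@code str} as length-prefixed bytes. */
    private void write(DataOutputStream dataOutputStream, String str) throws IOException {
        // Explicit charset: the encoded key must not depend on the platform default encoding.
        byte[] bytes = str.getBytes(java.nio.charset.StandardCharsets.UTF_8);
        dataOutputStream.writeInt(bytes.length);
        dataOutputStream.write(bytes);
    }

    /**
     * Discards the state of an aborted login attempt.
     *
     * @return always {@code true}
     */
    public boolean abort() throws LoginException {
        clear();
        if (this.debug) {
            this.LOG.debug("abort");
        }
        return true;
    }

    /**
     * Removes the principals added by this module from the subject.
     *
     * @return always {@code true}
     */
    public boolean logout() throws LoginException {
        this.subject.getPrincipals().removeAll(this.principals);
        this.principals.clear();
        if (this.debug) {
            this.LOG.debug("logout");
        }
        return true;
    }
}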
